diff options
Diffstat (limited to 'openssl/crypto/krb5')
-rw-r--r-- | openssl/crypto/krb5/krb5_asn.c | 95 | ||||
-rw-r--r-- | openssl/crypto/krb5/krb5_asn.h | 268 |
2 files changed, 171 insertions, 192 deletions
diff --git a/openssl/crypto/krb5/krb5_asn.c b/openssl/crypto/krb5/krb5_asn.c index 1fb741d2a..d9851e973 100644 --- a/openssl/crypto/krb5/krb5_asn.c +++ b/openssl/crypto/krb5/krb5_asn.c @@ -1,7 +1,8 @@ /* krb5_asn.c */ -/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, -** using ocsp/{*.h,*asn*.c} as a starting point -*/ +/* + * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, ** + * using ocsp/{*.h,*asn*.c} as a starting point + */ /* ==================================================================== * Copyright (c) 2000 The OpenSSL Project. All rights reserved. * @@ -10,7 +11,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -61,107 +62,101 @@ ASN1_SEQUENCE(KRB5_ENCDATA) = { - ASN1_EXP(KRB5_ENCDATA, etype, ASN1_INTEGER, 0), - ASN1_EXP_OPT(KRB5_ENCDATA, kvno, ASN1_INTEGER, 1), - ASN1_EXP(KRB5_ENCDATA, cipher, ASN1_OCTET_STRING,2) + ASN1_EXP(KRB5_ENCDATA, etype, ASN1_INTEGER, 0), + ASN1_EXP_OPT(KRB5_ENCDATA, kvno, ASN1_INTEGER, 1), + ASN1_EXP(KRB5_ENCDATA, cipher, ASN1_OCTET_STRING,2) } ASN1_SEQUENCE_END(KRB5_ENCDATA) IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCDATA) ASN1_SEQUENCE(KRB5_PRINCNAME) = { - ASN1_EXP(KRB5_PRINCNAME, nametype, ASN1_INTEGER, 0), - ASN1_EXP_SEQUENCE_OF(KRB5_PRINCNAME, namestring, ASN1_GENERALSTRING, 1) + ASN1_EXP(KRB5_PRINCNAME, nametype, ASN1_INTEGER, 0), + ASN1_EXP_SEQUENCE_OF(KRB5_PRINCNAME, namestring, ASN1_GENERALSTRING, 1) } ASN1_SEQUENCE_END(KRB5_PRINCNAME) IMPLEMENT_ASN1_FUNCTIONS(KRB5_PRINCNAME) - /* [APPLICATION 1] = 0x61 */ ASN1_SEQUENCE(KRB5_TKTBODY) = { - ASN1_EXP(KRB5_TKTBODY, tktvno, ASN1_INTEGER, 0), - ASN1_EXP(KRB5_TKTBODY, realm, ASN1_GENERALSTRING, 1), - ASN1_EXP(KRB5_TKTBODY, sname, KRB5_PRINCNAME, 2), - ASN1_EXP(KRB5_TKTBODY, encdata, KRB5_ENCDATA, 3) + ASN1_EXP(KRB5_TKTBODY, tktvno, ASN1_INTEGER, 0), + ASN1_EXP(KRB5_TKTBODY, realm, ASN1_GENERALSTRING, 1), + ASN1_EXP(KRB5_TKTBODY, sname, KRB5_PRINCNAME, 2), + ASN1_EXP(KRB5_TKTBODY, encdata, KRB5_ENCDATA, 3) } ASN1_SEQUENCE_END(KRB5_TKTBODY) IMPLEMENT_ASN1_FUNCTIONS(KRB5_TKTBODY) -ASN1_ITEM_TEMPLATE(KRB5_TICKET) = - ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 1, - KRB5_TICKET, KRB5_TKTBODY) +ASN1_ITEM_TEMPLATE(KRB5_TICKET) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 1, + KRB5_TICKET, KRB5_TKTBODY) ASN1_ITEM_TEMPLATE_END(KRB5_TICKET) IMPLEMENT_ASN1_FUNCTIONS(KRB5_TICKET) - /* [APPLICATION 14] = 0x6e */ ASN1_SEQUENCE(KRB5_APREQBODY) = { - ASN1_EXP(KRB5_APREQBODY, pvno, ASN1_INTEGER, 0), - ASN1_EXP(KRB5_APREQBODY, msgtype, ASN1_INTEGER, 1), - ASN1_EXP(KRB5_APREQBODY, apoptions, ASN1_BIT_STRING, 2), - ASN1_EXP(KRB5_APREQBODY, ticket, KRB5_TICKET, 3), - ASN1_EXP(KRB5_APREQBODY, authenticator, KRB5_ENCDATA, 4), + ASN1_EXP(KRB5_APREQBODY, pvno, ASN1_INTEGER, 0), + ASN1_EXP(KRB5_APREQBODY, msgtype, ASN1_INTEGER, 1), + ASN1_EXP(KRB5_APREQBODY, apoptions, ASN1_BIT_STRING, 2), + ASN1_EXP(KRB5_APREQBODY, ticket, KRB5_TICKET, 3), + ASN1_EXP(KRB5_APREQBODY, authenticator, KRB5_ENCDATA, 4), } ASN1_SEQUENCE_END(KRB5_APREQBODY) IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQBODY) -ASN1_ITEM_TEMPLATE(KRB5_APREQ) = - ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 14, - KRB5_APREQ, KRB5_APREQBODY) +ASN1_ITEM_TEMPLATE(KRB5_APREQ) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 14, + KRB5_APREQ, KRB5_APREQBODY) ASN1_ITEM_TEMPLATE_END(KRB5_APREQ) IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQ) - -/* Authenticator stuff */ +/* Authenticator stuff */ ASN1_SEQUENCE(KRB5_CHECKSUM) = { - ASN1_EXP(KRB5_CHECKSUM, ctype, ASN1_INTEGER, 0), - ASN1_EXP(KRB5_CHECKSUM, checksum, ASN1_OCTET_STRING,1) + ASN1_EXP(KRB5_CHECKSUM, ctype, ASN1_INTEGER, 0), + ASN1_EXP(KRB5_CHECKSUM, checksum, ASN1_OCTET_STRING,1) } ASN1_SEQUENCE_END(KRB5_CHECKSUM) IMPLEMENT_ASN1_FUNCTIONS(KRB5_CHECKSUM) ASN1_SEQUENCE(KRB5_ENCKEY) = { - ASN1_EXP(KRB5_ENCKEY, ktype, ASN1_INTEGER, 0), - ASN1_EXP(KRB5_ENCKEY, keyvalue, ASN1_OCTET_STRING,1) + ASN1_EXP(KRB5_ENCKEY, ktype, ASN1_INTEGER, 0), + ASN1_EXP(KRB5_ENCKEY, keyvalue, ASN1_OCTET_STRING,1) } ASN1_SEQUENCE_END(KRB5_ENCKEY) IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCKEY) - /* SEQ OF SEQ; see ASN1_EXP_SEQUENCE_OF_OPT() below */ ASN1_SEQUENCE(KRB5_AUTHDATA) = { - ASN1_EXP(KRB5_AUTHDATA, adtype, ASN1_INTEGER, 0), - ASN1_EXP(KRB5_AUTHDATA, addata, ASN1_OCTET_STRING,1) + ASN1_EXP(KRB5_AUTHDATA, adtype, ASN1_INTEGER, 0), + ASN1_EXP(KRB5_AUTHDATA, addata, ASN1_OCTET_STRING,1) } ASN1_SEQUENCE_END(KRB5_AUTHDATA) IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHDATA) - /* [APPLICATION 2] = 0x62 */ ASN1_SEQUENCE(KRB5_AUTHENTBODY) = { - ASN1_EXP(KRB5_AUTHENTBODY, avno, ASN1_INTEGER, 0), - ASN1_EXP(KRB5_AUTHENTBODY, crealm, ASN1_GENERALSTRING, 1), - ASN1_EXP(KRB5_AUTHENTBODY, cname, KRB5_PRINCNAME, 2), - ASN1_EXP_OPT(KRB5_AUTHENTBODY, cksum, KRB5_CHECKSUM, 3), - ASN1_EXP(KRB5_AUTHENTBODY, cusec, ASN1_INTEGER, 4), - ASN1_EXP(KRB5_AUTHENTBODY, ctime, ASN1_GENERALIZEDTIME, 5), - ASN1_EXP_OPT(KRB5_AUTHENTBODY, subkey, KRB5_ENCKEY, 6), - ASN1_EXP_OPT(KRB5_AUTHENTBODY, seqnum, ASN1_INTEGER, 7), - ASN1_EXP_SEQUENCE_OF_OPT - (KRB5_AUTHENTBODY, authorization, KRB5_AUTHDATA, 8), + ASN1_EXP(KRB5_AUTHENTBODY, avno, ASN1_INTEGER, 0), + ASN1_EXP(KRB5_AUTHENTBODY, crealm, ASN1_GENERALSTRING, 1), + ASN1_EXP(KRB5_AUTHENTBODY, cname, KRB5_PRINCNAME, 2), + ASN1_EXP_OPT(KRB5_AUTHENTBODY, cksum, KRB5_CHECKSUM, 3), + ASN1_EXP(KRB5_AUTHENTBODY, cusec, ASN1_INTEGER, 4), + ASN1_EXP(KRB5_AUTHENTBODY, ctime, ASN1_GENERALIZEDTIME, 5), + ASN1_EXP_OPT(KRB5_AUTHENTBODY, subkey, KRB5_ENCKEY, 6), + ASN1_EXP_OPT(KRB5_AUTHENTBODY, seqnum, ASN1_INTEGER, 7), + ASN1_EXP_SEQUENCE_OF_OPT + (KRB5_AUTHENTBODY, authorization, KRB5_AUTHDATA, 8), } ASN1_SEQUENCE_END(KRB5_AUTHENTBODY) IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENTBODY) -ASN1_ITEM_TEMPLATE(KRB5_AUTHENT) = - ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 2, - KRB5_AUTHENT, KRB5_AUTHENTBODY) +ASN1_ITEM_TEMPLATE(KRB5_AUTHENT) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 2, + KRB5_AUTHENT, KRB5_AUTHENTBODY) ASN1_ITEM_TEMPLATE_END(KRB5_AUTHENT) IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENT) - diff --git a/openssl/crypto/krb5/krb5_asn.h b/openssl/crypto/krb5/krb5_asn.h index 41725d0dc..9cf5a26dd 100644 --- a/openssl/crypto/krb5/krb5_asn.h +++ b/openssl/crypto/krb5/krb5_asn.h @@ -1,7 +1,8 @@ /* krb5_asn.h */ -/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, -** using ocsp/{*.h,*asn*.c} as a starting point -*/ +/* + * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, ** + * using ocsp/{*.h,*asn*.c} as a starting point + */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. @@ -11,7 +12,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -58,177 +59,161 @@ */ #ifndef HEADER_KRB5_ASN_H -#define HEADER_KRB5_ASN_H +# define HEADER_KRB5_ASN_H /* -#include <krb5.h> -*/ -#include <openssl/safestack.h> + * #include <krb5.h> + */ +# include <openssl/safestack.h> #ifdef __cplusplus extern "C" { #endif +/* + * ASN.1 from Kerberos RFC 1510 + */ -/* ASN.1 from Kerberos RFC 1510 -*/ - -/* EncryptedData ::= SEQUENCE { -** etype[0] INTEGER, -- EncryptionType -** kvno[1] INTEGER OPTIONAL, -** cipher[2] OCTET STRING -- ciphertext -** } -*/ -typedef struct krb5_encdata_st - { - ASN1_INTEGER *etype; - ASN1_INTEGER *kvno; - ASN1_OCTET_STRING *cipher; - } KRB5_ENCDATA; +/*- EncryptedData ::= SEQUENCE { + * etype[0] INTEGER, -- EncryptionType + * kvno[1] INTEGER OPTIONAL, + * cipher[2] OCTET STRING -- ciphertext + * } + */ +typedef struct krb5_encdata_st { + ASN1_INTEGER *etype; + ASN1_INTEGER *kvno; + ASN1_OCTET_STRING *cipher; +} KRB5_ENCDATA; DECLARE_STACK_OF(KRB5_ENCDATA) -/* PrincipalName ::= SEQUENCE { -** name-type[0] INTEGER, -** name-string[1] SEQUENCE OF GeneralString -** } -*/ -typedef struct krb5_princname_st - { - ASN1_INTEGER *nametype; - STACK_OF(ASN1_GENERALSTRING) *namestring; - } KRB5_PRINCNAME; +/*- PrincipalName ::= SEQUENCE { + * name-type[0] INTEGER, + * name-string[1] SEQUENCE OF GeneralString + * } + */ +typedef struct krb5_princname_st { + ASN1_INTEGER *nametype; + STACK_OF(ASN1_GENERALSTRING) *namestring; +} KRB5_PRINCNAME; DECLARE_STACK_OF(KRB5_PRINCNAME) - -/* Ticket ::= [APPLICATION 1] SEQUENCE { -** tkt-vno[0] INTEGER, -** realm[1] Realm, -** sname[2] PrincipalName, -** enc-part[3] EncryptedData -** } -*/ -typedef struct krb5_tktbody_st - { - ASN1_INTEGER *tktvno; - ASN1_GENERALSTRING *realm; - KRB5_PRINCNAME *sname; - KRB5_ENCDATA *encdata; - } KRB5_TKTBODY; +/*- Ticket ::= [APPLICATION 1] SEQUENCE { + * tkt-vno[0] INTEGER, + * realm[1] Realm, + * sname[2] PrincipalName, + * enc-part[3] EncryptedData + * } + */ +typedef struct krb5_tktbody_st { + ASN1_INTEGER *tktvno; + ASN1_GENERALSTRING *realm; + KRB5_PRINCNAME *sname; + KRB5_ENCDATA *encdata; +} KRB5_TKTBODY; typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET; DECLARE_STACK_OF(KRB5_TKTBODY) - -/* AP-REQ ::= [APPLICATION 14] SEQUENCE { -** pvno[0] INTEGER, -** msg-type[1] INTEGER, -** ap-options[2] APOptions, -** ticket[3] Ticket, -** authenticator[4] EncryptedData -** } -** -** APOptions ::= BIT STRING { -** reserved(0), use-session-key(1), mutual-required(2) } -*/ -typedef struct krb5_ap_req_st - { - ASN1_INTEGER *pvno; - ASN1_INTEGER *msgtype; - ASN1_BIT_STRING *apoptions; - KRB5_TICKET *ticket; - KRB5_ENCDATA *authenticator; - } KRB5_APREQBODY; +/*- AP-REQ ::= [APPLICATION 14] SEQUENCE { + * pvno[0] INTEGER, + * msg-type[1] INTEGER, + * ap-options[2] APOptions, + * ticket[3] Ticket, + * authenticator[4] EncryptedData + * } + * + * APOptions ::= BIT STRING { + * reserved(0), use-session-key(1), mutual-required(2) } + */ +typedef struct krb5_ap_req_st { + ASN1_INTEGER *pvno; + ASN1_INTEGER *msgtype; + ASN1_BIT_STRING *apoptions; + KRB5_TICKET *ticket; + KRB5_ENCDATA *authenticator; +} KRB5_APREQBODY; typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ; DECLARE_STACK_OF(KRB5_APREQBODY) +/* Authenticator Stuff */ -/* Authenticator Stuff */ - - -/* Checksum ::= SEQUENCE { -** cksumtype[0] INTEGER, -** checksum[1] OCTET STRING -** } -*/ -typedef struct krb5_checksum_st - { - ASN1_INTEGER *ctype; - ASN1_OCTET_STRING *checksum; - } KRB5_CHECKSUM; +/*- Checksum ::= SEQUENCE { + * cksumtype[0] INTEGER, + * checksum[1] OCTET STRING + * } + */ +typedef struct krb5_checksum_st { + ASN1_INTEGER *ctype; + ASN1_OCTET_STRING *checksum; +} KRB5_CHECKSUM; DECLARE_STACK_OF(KRB5_CHECKSUM) - -/* EncryptionKey ::= SEQUENCE { -** keytype[0] INTEGER, -** keyvalue[1] OCTET STRING -** } -*/ -typedef struct krb5_encryptionkey_st - { - ASN1_INTEGER *ktype; - ASN1_OCTET_STRING *keyvalue; - } KRB5_ENCKEY; +/*- EncryptionKey ::= SEQUENCE { + * keytype[0] INTEGER, + * keyvalue[1] OCTET STRING + * } + */ +typedef struct krb5_encryptionkey_st { + ASN1_INTEGER *ktype; + ASN1_OCTET_STRING *keyvalue; +} KRB5_ENCKEY; DECLARE_STACK_OF(KRB5_ENCKEY) - -/* AuthorizationData ::= SEQUENCE OF SEQUENCE { -** ad-type[0] INTEGER, -** ad-data[1] OCTET STRING -** } -*/ -typedef struct krb5_authorization_st - { - ASN1_INTEGER *adtype; - ASN1_OCTET_STRING *addata; - } KRB5_AUTHDATA; +/*- AuthorizationData ::= SEQUENCE OF SEQUENCE { + * ad-type[0] INTEGER, + * ad-data[1] OCTET STRING + * } + */ +typedef struct krb5_authorization_st { + ASN1_INTEGER *adtype; + ASN1_OCTET_STRING *addata; +} KRB5_AUTHDATA; DECLARE_STACK_OF(KRB5_AUTHDATA) - -/* -- Unencrypted authenticator -** Authenticator ::= [APPLICATION 2] SEQUENCE { -** authenticator-vno[0] INTEGER, -** crealm[1] Realm, -** cname[2] PrincipalName, -** cksum[3] Checksum OPTIONAL, -** cusec[4] INTEGER, -** ctime[5] KerberosTime, -** subkey[6] EncryptionKey OPTIONAL, -** seq-number[7] INTEGER OPTIONAL, -** authorization-data[8] AuthorizationData OPTIONAL -** } -*/ -typedef struct krb5_authenticator_st - { - ASN1_INTEGER *avno; - ASN1_GENERALSTRING *crealm; - KRB5_PRINCNAME *cname; - KRB5_CHECKSUM *cksum; - ASN1_INTEGER *cusec; - ASN1_GENERALIZEDTIME *ctime; - KRB5_ENCKEY *subkey; - ASN1_INTEGER *seqnum; - KRB5_AUTHDATA *authorization; - } KRB5_AUTHENTBODY; +/*- -- Unencrypted authenticator + * Authenticator ::= [APPLICATION 2] SEQUENCE { + * authenticator-vno[0] INTEGER, + * crealm[1] Realm, + * cname[2] PrincipalName, + * cksum[3] Checksum OPTIONAL, + * cusec[4] INTEGER, + * ctime[5] KerberosTime, + * subkey[6] EncryptionKey OPTIONAL, + * seq-number[7] INTEGER OPTIONAL, + * authorization-data[8] AuthorizationData OPTIONAL + * } + */ +typedef struct krb5_authenticator_st { + ASN1_INTEGER *avno; + ASN1_GENERALSTRING *crealm; + KRB5_PRINCNAME *cname; + KRB5_CHECKSUM *cksum; + ASN1_INTEGER *cusec; + ASN1_GENERALIZEDTIME *ctime; + KRB5_ENCKEY *subkey; + ASN1_INTEGER *seqnum; + KRB5_AUTHDATA *authorization; +} KRB5_AUTHENTBODY; typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT; DECLARE_STACK_OF(KRB5_AUTHENTBODY) - -/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) = -** type *name##_new(void); -** void name##_free(type *a); -** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = -** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = -** type *d2i_##name(type **a, const unsigned char **in, long len); -** int i2d_##name(type *a, unsigned char **out); -** DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it -*/ +/*- DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) = + * type *name##_new(void); + * void name##_free(type *a); + * DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = + * DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = + * type *d2i_##name(type **a, const unsigned char **in, long len); + * int i2d_##name(type *a, unsigned char **out); + * DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it + */ DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA) DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME) @@ -243,9 +228,9 @@ DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA) DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY) DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT) - /* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes +/* + * The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ @@ -253,4 +238,3 @@ DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT) } #endif #endif - |